To perform the procedures in this step, it is not necessary to log on with administrative credentials to the client computer. In other words, if you are logged on to the client as Alan Shen (alansh), you can access the claims-aware application without adding alansh to any of the local administrator groups (for example, Power Users, Administrators) on the adfsclient computer.

Open a browser window, and then go to https://adfsweb.treyresearch.net/claimapp/.

Note

You will be prompted twice (in the Security Alert dialog box) for certificate information. You can install each certificate by clicking View Certificate and then clicking Install, or you can click Yes each time that you are prompted. Each of these Security Alert prompts displays the message "The security certificate was issued by a company you have not chosen to trust." This is expected behavior because self-signed certificates are used for the purposes of this guide.

When you are prompted for your home realm, click A. Datum Corporation, and then click Submit.

Note

You will be prompted one more time for a certificate.

At this point the SSO Sample Application appears in the browser. You can see which claims were sent to the Web server in the SingleSignOnIdentity.SecurityPropertyCollection section of the sample application.

Note

If for any reason you have problems accessing the claims-aware application, consider running iisreset or rebooting the adfsweb computer. Then, try to access the application again.

Open a browser window, and then install the required certificates on the client by doing the following:

Go to https://adfsaccount.adatum.com/

The browser displays a "Certificate Error: Navigation Blocked" error message that notifies you that the incoming certificate was not issued by a trusted certification authority. This error is expected behavior when you deploy AD FS servers with self-signed certificates.

Click the Continue to this website (not recommended) link.

In the address bar, click Certificate Error, and then click View certificates.

In the Certificate dialog box, click Install Certificate.

On the Welcome to the Certificate Import Wizard page, click Next.

On the Certificate Store page, click Place all certificates in the following store, and then click Browse.

Repeat steps a through j using https://adfsresource.treyresearch.net and https://adfsweb.treyresearch.net to install all three certificates into the Trusted Root Certification Authorities certificate store.

Go to https://adfsweb.treyresearch.net/claimapp/. When you are prompted for your home realm, click A. Datum Corporation, and then click Submit.

At this point the SSO Sample Application appears in the browser. You can see which claims were sent to the Web server in the SingleSignOnIdentity.SecurityPropertyCollection section of the sample application.

Note

If for any reason you have problems accessing the claims-aware application, consider running iisreset or rebooting the adfsweb computer. Then, try to access the application again.